You can skip the theory part and learn how to tweak your browser. However, we advise you to read the theory part first.

What Security Features does Internet Explorer Have?
Internet Explorer (IE) is a safe browser in many ways. The latest version of IE supports Secure Socket Layer (SSL) 2.0/3.0, Private Communication Technology (PCT) 1.0, CryptoAPI, and VeriSign certificates, and one version employs 128-bit encryption, one of the strongest forms of encryption that's commercially available for use over the Internet. To see if you have the 128-bit version of Internet Explorer, go to the Wells Fargo Bank site and take their browser test.

"Secure Socket Layer (SSL) is a Netscape-developed protocol submitted to the W3C working group on security for consideration as a standard security approach for World Wide Web browsers and servers on the Internet. SSL provides a security "handshake" that is used to initiate the TCP/IP connection. This handshake results in the client and server agreeing on the level of security they will use and fulfills any authentication requirements for the connection. Thereafter, SSL's only role is to encrypt and decrypt the byte stream of the application protocol being used (for example, HTTP). This means that all the information in both the HTTP request and the HTTP response are fully encrypted, including the URL the client is requesting, any submitted form contents (such as credit card numbers), any HTTP access authorization information (usernames and passwords), and all the data returned from the server to the client." -- Microsoft's IIS 1.0 Features Tour. It has been reported, however, that SSL has been cracked.

Private Communication Technology (PCT) is a Microsoft-developed security protocol available in IE only. According to their Internet draft, "The Private Communication Technology (PCT) protocol is designed to provide privacy between two communicating applications (a client and a server), and to authenticate the server and (optionally) the client. PCT assumes a reliable transport protocol (e.g., TCP) for data transmission and reception. The PCT protocol is application protocol-independent. A "higher level" application protocol (e.g., HTTP, FTP, TELNET, etc.) can layer on top of the PCT protocol transparently. The PCT protocol begins with a handshake phase that negotiates an encryption algorithm and (symmetric) session key as well as authenticating a server to the client (and, optionally, vice versa), based on certified asymmetric public keys. Once transmission of application protocol data begins, all data is encrypted using the session key negotiated during the handshake."

IE also supports server and client authentication by using digital certificates to identify users to web servers. In addition, IE supports code signing with Authenticode, which verifies that downloaded code has not been modified. For more information on Authenticode, visit Microsoft's Authenticode page or the excellent Authenticode FAQ page.

CryptoAPI 1.0 provides the underlying security services for the Microsoft Internet Security Framework. CryptoAPI allows developers to integrate cryptography into their applications.

What are "Cookies?"
Cookies are small text files that are sent to web browsers by web servers. The main purpose of cookie files is to identify users and to present customized information based on personal preferences. Cookie files typically contain information such as your name (or username), password information, or ad-tracking information. There is a good body of literature on the Internet about cookies. Despite what you may have read or heard, most people, including myself, do not view cookies as any kind of a security threat. However, because of the way cookies work (e.g., a web server storing a text file on someone's hard drive), Microsoft (and other browser manufacturers) have built options into their browsers that notify users when cookies are being passed to them, and give the user an option to prevent the cookie from being accepted. I don't think this is a good idea. By rejecting cookies, your browser may not display the entire page or the site may not function as intended.

The reality is that cookies are text files -- they cannot contain viruses or execute applications, they cannot search your hard drive for information or send it to web servers, and most of the information they contain is simple tracking information designed to effect better customer service. You might be interested to read Microsoft's article on why they use cookies on their site.

Okay, Now How Can I Actually Make My Browser Safer?

For Internet Explorer, from the Tools menu, choose Internet Options.

A new window will appear. Switch to the Privacy tab. Using the slider, you can choose the level of security that you want.

Block All Cookies: This is the highest setting, i.e. the most 'private'. But since a lot of websites use cookies, websites may not display properly.

High: This setting blocks cookies from sites that don't have a privacy policy, i.e. they don't promise that they'll keep your information private.

Medium High: This is similar to the 'High' setting, but it only blocks cookies from Third Party sites that don't have privacy policies.

Medium: This is almost the same as 'Medium High', but it restricts the cookies from First Party sites which contain personal information instead of blocking them. This is also the default setting, that is, the setting that comes with your browser. Recommended for most users.

Low: This setting only restricts the cookies; it doesn't block them.

Accept All Cookies: This setting has no privacy protection at all. It accepts every cookie, even if it intrudes on your privacy. Not recommended.

After choosing the preferred level of privacy, click 'OK'.

That's it.
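
The levels above turn on two questions: whether a cookie comes from a First Party or Third Party site, and whether that site has a privacy policy. The JavaScript below is an added example, not part of the original page or of Internet Explorer; it parses a Set-Cookie header and applies the four levels whose rule is stated outright above. The hostnames, the hasPrivacyPolicy field and the two-label site comparison are assumptions made for the illustration.

```javascript
// Added example; the hostnames and header values below are constructed.
// A Set-Cookie header is plain text: name=value, then ';'-separated attributes.
function parseSetCookie(header) {
  const [pair, ...rest] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = { name: eq < 0 ? '' : pair.slice(0, eq), value: pair.slice(eq + 1), attrs: {} };
  for (const part of rest.filter(Boolean)) {
    const i = part.indexOf('=');
    const key = (i < 0 ? part : part.slice(0, i)).toLowerCase();
    cookie.attrs[key] = i < 0 ? true : part.slice(i + 1);
  }
  return cookie;
}

// Simplification: the last two host labels stand for the site. Real browsers
// consult the Public Suffix List, so hosts such as a.co.uk are misjudged here.
const siteOf = (url) => new URL(url).hostname.toLowerCase().split('.').slice(-2).join('.');

// Third party: the response that sets the cookie comes from a different site
// than the page shown in the address bar.
const isThirdParty = (pageUrl, responseUrl) => siteOf(pageUrl) !== siteOf(responseUrl);

// Only the four levels whose rule the text states outright are modelled.
function decide(level, thirdParty, hasPrivacyPolicy) {
  switch (level) {
    case 'Block All Cookies': return 'block';
    case 'High': return hasPrivacyPolicy ? 'accept' : 'block';
    case 'Medium High': return thirdParty && !hasPrivacyPolicy ? 'block' : 'accept';
    case 'Accept All Cookies': return 'accept';
    default: throw new Error('level not modelled: ' + level);
  }
}

// hasPrivacyPolicy is a hypothetical field supplied by the caller.
function evaluate(level, pageUrl, response) {
  const cookie = parseSetCookie(response.setCookie);
  const thirdParty = isThirdParty(pageUrl, response.url);
  const persistent = 'expires' in cookie.attrs || 'max-age' in cookie.attrs;
  return { name: cookie.name, thirdParty, persistent, decision: decide(level, thirdParty, response.hasPrivacyPolicy) };
}

const page = 'https://www.shop.example/cart';
const responses = [
  { url: 'https://img.shop.example/logo.gif', setCookie: 'lang=en; Path=/', hasPrivacyPolicy: false },
  { url: 'https://ads.tracker.example/b.gif', setCookie: 'uid=7f3a; Expires=Wed, 01 Jan 2031 00:00:00 GMT; Path=/', hasPrivacyPolicy: false },
];
for (const r of responses) console.log(evaluate('Medium High', page, r));
```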

 
